Two schools run by Skinners Kent Academy Trust had to temporarily close last week following a personal data breach. The Trust has reported that hackers broke into their servers on Wednesday 2 June 2021. The decision was made to temporarily close the schools once the impact of the breach became apparent the following Monday.

Hackers succeeded in encrypting information but it remains unclear whether any information was also exported from the Trust’s systems. As a precautionary measure, the Trust has urged parents to contact their banks to let them know that their personal banking details could have been taken.

The closure of the schools has become necessary because vital safeguarding and emergency contact information held on the School Information Management System was encrypted and can no longer be accessed. In addition, staff were unable to access teaching resources required to deliver lessons. The Trust began work immediately to re-collect vital data from parents and have computers reconfigured in order that the affected schools can reopen.

The attack will undoubtedly put the ongoing debate as to whether paying hacker ransoms should be made unlawful back into the spotlight. The Cyber Security Breaches Survey 2021 published by the Department for Digital, Culture, Media and Sport in March 2021 reports that 39% of businesses and 26% of charities have reported suffering cyber security breaches or attacks within the last 12 months. These statistics rise to 65% for medium businesses, 64% for large businesses and 51% for high income charities.

The Skinners Kent Academy Trust schools are not the first schools to have suffered at the hands of cyber-attackers. Previous attacks within the sector include an attack on Meadow Vale Primary School in May 2020 and an attack against Harris Federation which educates 37,000 pupils across 50 primary and secondary schools in London and Essex in March of this year.

The National Cyber Security Centre (NCSC) has previously published warnings regarding the increasing number of cyber-attacks within the education sector and is advising education establishments to follow its Mitigating Malware and Ransomware Guide.

The NCSC's guidance advises that schools should take steps such as:

  • making regular backups of important files
  • implementing measures to prevent malware from being delivered and spread across devices, such as filtering permitted file types and blocking malicious websites, implementing VPNs and installing software patches as soon as they become available; and
  • preparing for an incident by putting a detailed and tested incident management plan in place.

The guidance also sets out steps that an organisation can take to limit the impact of cyber attacks for schools that are already affected.

We strongly recommend all schools and educational establishments review the NCSC's guidance and work with their IT security providers to ensure that appropriate protections are in place.